Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2794.NASL
HistoryNov 21, 2013 - 12:00 a.m.

Debian DSA-2794-1 : spip - several vulnerabilities

2013-11-2100:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.9%

JSON

Several vulnerabilities have been found in SPIP, a website engine for publishing, resulting in cross-site request forgery on logout, cross-site scripting on author page, and PHP injection.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2794. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70981);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2013-4555", "CVE-2013-4556", "CVE-2013-4557");
  script_bugtraq_id(63636, 63637, 63638);
  script_xref(name:"DSA", value:"2794");

  script_name(english:"Debian DSA-2794-1 : spip - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been found in SPIP, a website engine for
publishing, resulting in cross-site request forgery on logout,
cross-site scripting on author page, and PHP injection."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729172"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/spip"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/spip"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2013/dsa-2794"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the spip packages.

For the oldstable distribution (squeeze), these problems have been
fixed in version 2.1.1-3squeeze7.

For the stable distribution (wheezy), these problems have been fixed
in version 2.1.17-1+deb7u2."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"d2_elliot_name", value:"SPIP ecran_securite connect Parameter RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack');

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:spip");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/11/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"spip", reference:"2.1.1-3squeeze7")) flag++;
if (deb_check(release:"7.0", prefix:"spip", reference:"2.1.17-1+deb7u2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxspipp-cpe:/a:debian:debian_linux:spip
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0
debiandebian_linux7.0cpe:/o:debian:debian_linux:7.0

Related

openvas 3
cvelist 3
nvd 3
prion 3
debiancve 3
cve 3
ubuntucve 3
d2 1
dsquare 1
openvas
openvas
Debian Security Advisory DSA 2794-1 (spip - several vulnerabilities)
2013-11-10 00:00:00
Debian: Security Advisory (DSA-2794-1)
2013-11-09 00:00:00
SPIP 'connect' Parameter PHP Code Injection Vulnerability
2013-08-29 00:00:00
cvelist
cvelist
CVE-2013-4556
2013-11-15 18:16:00
CVE-2013-4555
2013-11-15 18:16:00
CVE-2013-4557
2013-11-15 18:16:00
nvd
nvd
CVE-2013-4556
2013-11-18 02:55:08
CVE-2013-4555
2013-11-18 02:55:08
CVE-2013-4557
2013-11-18 02:55:08
prion
prion
Cross site scripting
2013-11-18 02:55:00
Code injection
2013-11-18 02:55:00
Cross site request forgery (csrf)
2013-11-18 02:55:00
debiancve
debiancve
CVE-2013-4557
2013-11-18 02:55:08
CVE-2013-4555
2013-11-18 02:55:08
CVE-2013-4556
2013-11-18 02:55:08
cve
cve
CVE-2013-4556
2013-11-18 02:55:08
CVE-2013-4557
2013-11-18 02:55:08
CVE-2013-4555
2013-11-18 02:55:08
ubuntucve
ubuntucve
CVE-2013-4555
2013-11-18 00:00:00
CVE-2013-4557
2013-11-18 00:00:00
CVE-2013-4556
2013-11-18 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_SPIP_RCE_2
2013-11-18 02:55:00
dsquare
dsquare
SPIP ecran_securite connect Parameter RCE
2013-12-27 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.9%

JSON
Related for DEBIAN_DSA-2794.NASL
openvas3cvelist3nvd3prion3debiancve3cve3ubuntucve3d21dsquare1